6 Steps for Ensuring Small Business Network Security

Securing your network is a journey of ongoing vigilance to stay one step ahead of the latest threats, changing technologies.

There’s no such thing as a static network. Just as your company is evolving, your small business network is constantly changing—and your network security must be equally adaptable. Installing a firewall and anti-virus software is just the first step in keeping malicious traffic, hackers, and other security threats out of your network.

Security is a journey. You must continuously monitor your infrastructure so you can adjust to changes in your company’s business, changes in technology, and changes in employee behavior. It’s important to remember that any conversation about security doesn’t usually start with a security issue. It starts with your next business objective.

Because small businesses are dynamic, you probably implement new technologies as you need them, sometimes on the fly when you need to solve a problem. For instance, an employee might bring in a laptop and decide your company needs wireless access, so you install a wireless access point. Now, that new wireless access point needs to be secured along with the laptop and any other wireless devices employees are using in the office. In the same way, new applications present new security challenges. With every change to the network—from hardware to software to the cloud—you must also adapt your security measures to make sure no new holes have opened up.

Staying on top of your network security can be a daily job, but it’s important to take the long view. A great first step is to invest in an all-in-one security solution designed for small business networks. For example, the Cisco SA500 Series Security Appliances can provide a firewall, VPN, wireless, email and web threat protections (malware, viruses, phishing, etc) and an intrusion prevention system (IPS) all in one device. A solution like this help make securing your network easier and more straightforward.

For ongoing security efforts, follow these steps to ensure your network is protected:

1. Monitor the traffic coming in and going out your firewall and read the reports carefully. Don’t rely on alerts to flag dangerous activity. Make sure someone on your team understands the data and is prepared to take the necessary action.

2. Keep an eye on new threats as they’re discovered and posted online. For example, Trend Micro’s TrendWatch site tracks current threat activity. Also, you can have the U.S. Computer Emergency Readiness Team (US-CERT, a division of Homeland Security) email alerts to you about recently confirmed software vulnerabilities and exploits.

3. Enable regular updates for your firewall and anti-virus software. Look for software, such as Cisco ProtectLink Security Solutions, which update automatically and around the clock, whenever a new threat arises.

4. Train employees on an ongoing basis so they understand any changes to your acceptable-use policy. Also, encourage a ”neighborhood watch“ approach to security. If an employee notices anything suspicious, such as not being able to log into an email account right away, he or she should notify the appropriate person immediately.

5. Install a data protection solution, such asan automated backup system like the Cisco NSS300 Series Smart Storage. The NAS device, can protect your business from data loss if your network’s security is breached.

6. Consider additional security solutions that will further protect your network as well as expand your company’s capabilities. For example, an intrusion prevention system (IPS) lets you block peer-to-peer traffic, such as instant messaging, while a secure wireless network lets users stay productive anywhere in the building.

If there’s one thing you can count on, it’s the ever-morphing nature of security. New hacks are tried and thwarted, and technologies are always being developed to fight off new malicious software. So it’s important to continually evaluate new security technologies as they’re released and determine if they’re appropriate for your small business.

Last but not least, assess what you can handle in-house in regards to network security and ask for help from security experts if you need it.

If you’re interested in learning more about security threats and social media, attend my webcaston March 15.

Some of the individuals posting to this site, including the moderators, work for Cisco Systems. Opinions expressed here and in any corresponding comments are the personal opinions of the original authors, not of Cisco. The content is provided for informational purposes only and is not meant to be an endorsement or representation by Cisco or any other party. This site is available to the public. No information you consider confidential should be posted to this site. By posting you agree to be solely responsible for the content of all information you contribute, link to, or otherwise upload to the Website and release Cisco from any liability related to your use of the Website. You also grant to Cisco a worldwide, perpetual, irrevocable, royalty-free and fully-paid, transferable (including rights to sublicense) right to exercise all copyright, publicity, and moral rights with respect to any original content you provide. The comments are moderated. Comments will appear as soon as they are approved by the moderator.